From 72b2e274f270810db803aeacee6be70e4778d9e7 Mon Sep 17 00:00:00 2001 From: Taylor Beebe Date: Tue, 9 Apr 2024 10:47:56 -0700 Subject: [PATCH] Paging Audit: Remove and Rename Some Tests Description Remove the AllocatedPagesAndPoolsAreProtected test because the state that it tests is not required by the Enhanced Memory Protection spec and a similar test is executed in the DxeMemoryProtectionTestApp. Rename the NullCheck test to NullPageIsRp to make it more clear what the test does. - [ ] Impacts functionality? - **Functionality** - Does the change ultimately impact how firmware functions? - Examples: Add a new library, publish a new PPI, update an algorithm, ... - [ ] Impacts security? - **Security** - Does the change have a direct security impact on an application, flow, or firmware? - Examples: Crypto algorithm change, buffer overflow fix, parameter validation improvement, ... - [ ] Breaking change? - **Breaking change** - Will anyone consuming this change experience a break in build or boot behavior? - Examples: Add a new library class, move a module to a different repo, call a function in a new library class in a pre-existing module, ... - [x] Includes tests? - **Tests** - Does the change include any explicit test code? - Examples: Unit tests, integration tests, robot tests, ... - [ ] Includes documentation? - **Documentation** - Does the change contain explicit documentation additions outside direct code modifications (and comments)? - Examples: Update readme file, add feature readme file, link to documentation on an a separate Web page, ... How This Was Tested Tested by building and running the test on Q35 Integration Instructions N/A --- .../UEFI/Dxe/App/DxePagingAuditTestApp.c | 96 +------------------ 1 file changed, 2 insertions(+), 94 deletions(-) diff --git a/UefiTestingPkg/AuditTests/PagingAudit/UEFI/Dxe/App/DxePagingAuditTestApp.c b/UefiTestingPkg/AuditTests/PagingAudit/UEFI/Dxe/App/DxePagingAuditTestApp.c index 0b7c914482..3617bb58ab 100644 --- a/UefiTestingPkg/AuditTests/PagingAudit/UEFI/Dxe/App/DxePagingAuditTestApp.c +++ b/UefiTestingPkg/AuditTests/PagingAudit/UEFI/Dxe/App/DxePagingAuditTestApp.c @@ -977,97 +977,6 @@ IsMemoryAttributeProtocolPresent ( return UNIT_TEST_PASSED; } -/** - Allocates Pages and Pools of each memory type and - checks that the returned buffers have restrictive - access attributes. - - @param[in] Context Unit test context - - @retval UNIT_TEST_PASSED The unit test passed - @retval other The unit test failed -**/ -UNIT_TEST_STATUS -EFIAPI -AllocatedPagesAndPoolsAreProtected ( - IN UNIT_TEST_CONTEXT Context - ) -{ - UINTN Index; - BOOLEAN TestFailure; - UINTN *PageAllocations[EfiMaxMemoryType]; - UINTN *PoolAllocations[EfiMaxMemoryType]; - - DEBUG ((DEBUG_INFO, "%a Enter...\n", __FUNCTION__)); - - TestFailure = FALSE; - ZeroMem (PageAllocations, sizeof (PageAllocations)); - ZeroMem (PoolAllocations, sizeof (PoolAllocations)); - - for (Index = 0; Index < EfiMaxMemoryType; Index++) { - if ((Index != EfiConventionalMemory) && (Index != EfiPersistentMemory) && (Index != EfiUnacceptedMemoryType)) { - PageAllocations[Index] = AllocatePages (1); - if (PageAllocations[Index] == NULL) { - UT_LOG_ERROR ("Failed to allocate one page for memory type %d\n", Index); - TestFailure = TRUE; - } - - PoolAllocations[Index] = AllocatePool (8); - if (PoolAllocations[Index] == NULL) { - UT_LOG_ERROR ("Failed to allocate an 8 byte pool for memory type %d\n", Index); - TestFailure = TRUE; - } - } - } - - UT_ASSERT_NOT_EFI_ERROR (ValidatePageTableMapSize ()); - UT_ASSERT_NOT_EFI_ERROR (PopulatePageTableMap ()); - - for (Index = 0; Index < EfiMaxMemoryType; Index++) { - if ((Index != EfiConventionalMemory) && (Index != EfiPersistentMemory) && (Index != EfiUnacceptedMemoryType)) { - if (!ValidateRegionAttributes ( - &mMap, - (UINT64)PageAllocations[Index], - EFI_PAGE_SIZE, - EFI_MEMORY_RP | EFI_MEMORY_RO | EFI_MEMORY_XP, - TRUE, - FALSE, - TRUE - )) - { - TestFailure = TRUE; - } - - if (!ValidateRegionAttributes ( - &mMap, - (UINT64)PoolAllocations[Index], - 8, - EFI_MEMORY_RP | EFI_MEMORY_RO | EFI_MEMORY_XP, - TRUE, - FALSE, - TRUE - )) - { - TestFailure = TRUE; - } - } - } - - for (Index = 0; Index < EfiMaxMemoryType; Index++) { - if (PageAllocations[Index] != NULL) { - FreePages (PageAllocations[Index], 1); - } - - if (PoolAllocations[Index] != NULL) { - FreePool (PoolAllocations[Index]); - } - } - - UT_ASSERT_FALSE (TestFailure); - - return UNIT_TEST_PASSED; -} - /** Checks that the NULL page is not mapped or is EFI_MEMORY_RP. @@ -1080,7 +989,7 @@ AllocatedPagesAndPoolsAreProtected ( STATIC UNIT_TEST_STATUS EFIAPI -NullCheck ( +NullPageIsRp ( IN UNIT_TEST_CONTEXT Context ) { @@ -1627,8 +1536,7 @@ DxePagingAuditTestAppEntryPoint ( AddTestCase (Misc, "No pages are readable, writable, and executable", "Security.Misc.NoReadWriteExecute", NoReadWriteExecute, NULL, GeneralTestCleanup, NULL); AddTestCase (Misc, "Unallocated memory is EFI_MEMORY_RP", "Security.Misc.UnallocatedMemoryIsRP", UnallocatedMemoryIsRP, NULL, GeneralTestCleanup, NULL); AddTestCase (Misc, "Memory Attribute Protocol is present", "Security.Misc.IsMemoryAttributeProtocolPresent", IsMemoryAttributeProtocolPresent, NULL, NULL, NULL); - AddTestCase (Misc, "Calls to allocate pages and pools return buffers with restrictive access attributes", "Security.Misc.AllocatedPagesAndPoolsAreProtected", AllocatedPagesAndPoolsAreProtected, NULL, GeneralTestCleanup, NULL); - AddTestCase (Misc, "NULL page is EFI_MEMORY_RP", "Security.Misc.NullCheck", NullCheck, NULL, GeneralTestCleanup, NULL); + AddTestCase (Misc, "NULL page is EFI_MEMORY_RP", "Security.Misc.NullPageIsRp", NullPageIsRp, NULL, GeneralTestCleanup, NULL); AddTestCase (Misc, "MMIO Regions are EFI_MEMORY_XP", "Security.Misc.MmioIsXp", MmioIsXp, NULL, GeneralTestCleanup, NULL); AddTestCase (Misc, "Image code sections are EFI_MEMORY_RO and and data sections are EFI_MEMORY_XP", "Security.Misc.ImageCodeSectionsRoDataSectionsXp", ImageCodeSectionsRoDataSectionsXp, NULL, GeneralTestCleanup, NULL); AddTestCase (Misc, "BSP stack is EFI_MEMORY_XP and has EFI_MEMORY_RP guard page", "Security.Misc.BspStackIsXpAndHasGuardPage", BspStackIsXpAndHasGuardPage, NULL, GeneralTestCleanup, NULL);